I have installed RD 4.8 CE on a Windows 2019 server + MariaDB. The application is up and I can login with the admin account. Service is Windows integrated.
I'm trying now to allow AD users to login and perform activities. I haven't found much documentation on how to configure RD on Windows. So I'm grabbing from here and there. So far I have done the following:
Created a file called jass-multiauth.conf in server/config/ folder as listed below:
multiauth {
com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule sufficient
debug="true"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
providerUrl="ldaps://xxxxxxxxxxx:636"
bindDn="CN=xxxxxx,OU=Service Accounts,OU=Admin Users and Groups,OU=xxx,DC=xxx,DC=xxx,DC=xxx"
bindPassword="x$xx<x>xx"
authenticationMethod="simple"
forceBindingLogin="true"
userBaseDn="OU=Admin Users,OU=Admin Users and Groups,OU=xxx,DC=xxx,DC=xxx,DC=xxx"
userRdnAttribute="sAMAccountName"
userIdAttribute="sAMAccountName"
userPasswordAttribute="unicodePwd"
userObjectClass="user"
roleBaseDn="OU=Groups,OU=Admin Users and Groups,OU=xxxx,DC=xxx,DC=xxx,DC=xxx"
roleNameAttribute="cn"
roleMemberAttribute="member"
roleObjectClass="group"
cacheDurationMillis="300000"
timeoutRead="10000"
reportStatistics="true"
supplementalRoles="user";
org.eclipse.jetty.jaas.spi.PropertyFileLoginModule required
debug="true"
file="E:/rundeck/server/config/realm.properties";
};
when I restart rundeck service the AD users are not recognized and no error at all is displayed in the log. I can however login with the admin account. So to troubleshoot this I added:
java %RDECK_CLI_OPTS% %RDECK_SSL_OPTS% -Drundeck.jaaslogin=true -Dloginmodule.conf.name=jaas-multiauth.conf -Djava.security.auth.login.config=E:\rundeck\server\config\jaas-multiauth.conf -Dloginmodule.name=multiauth -jar rundeck.war --skipinstall -d >> %CURDIR%\var\logs\service.log 2>&1
to the start-rundeck.bat file and in fact when I launch it I see an error which is quite weird:
[2022-12-22T18:58:09,409] ERROR config.GrailsApplicationPostProcessor - Error loading spring/resources.groovy file: java.io.IOException: E:\rundeck\server\config\jaas-multiauth.conf (No such file or directory)
java.lang.SecurityException: java.io.IOException: E:\rundeck\server\config\jaas-multiauth.conf (No such file or directory)
the file is there, path is correct and permission is set as on any other file in same directory. I deleted the file and created it again, but same error.
Also, I have a question: I understand that I should not edit the profile file. Hence, when the problem above is fixed, considering that the rundeck service is Windows integrated, where shall I put the line:
java %RDECK_CLI_OPTS% %RDECK_SSL_OPTS% -Drundeck.jaaslogin=true -Dloginmodule.conf.name=jaas-multiauth.conf -Djava.security.auth.login.config=E:\rundeck\server\config\jaas-multiauth.conf -Dloginmodule.name=multiauth -jar rundeck.war --skipinstall -d >> %CURDIR%\var\logs\service.log 2>&1
to refer the jass-multiauth.conf file?
Your multiauth config file is saved as jass-multiauth.conf but the launcher script is looking for jaas-multiauth.conf (jass =! jaas). That is the reason of "No such file or directory" error. Rename the file as jaas-multiauth.conf and relaunch the Rundeck service.
Related
So I was trying to make a 1.17.1 minecraft server on my mac. I couldn't open my 1.17.1_server.jar with Java 8 so I download Java 16.0.2.
Unfortunately, everytime I was opening the 1.17.1_server.jar file, I got
"The Java JAR file "1.17._server.jar" could not be launched." .
I first thought that it was because the file was launch by Java 8 instead of 16.
So I went into the terminal and run :<path to java> -jar 1.17.1_server.jar
I then got this : Error: Unable to access jarfile 1.17.1_server.jar
Finally i tried to put the path of the jar file in the command...
So I've run : path to java -jar path to server
and got this :
[main/ERROR]: Failed to load properties from file: server.properties
[15:57:35] [main/WARN]: Failed to load eula.txt
[15:57:35] [main/INFO]: You need to agree to the EULA in order to run the server. Go to eula.txt for more info.
So why I have to agreed Eula if i've never launched it ? Does it think that he already been launched ?
As stated in the error message
[15:57:35] [main/INFO]: You need to agree to the EULA in order to run the server. Go to eula.txt for more info.
You have to open the file and check yes
Okay find the solution: my eula and server properties file were in my user folder dk why (never moved them so...)
Trying to deploy/run a springbok application (jar) on Azure App Service, but seeing an "Application Error".
Application
We built the application using Springboot and wanted to deploy the prebuilt jar file (from /target" folder.
Azure Setup
Created a new App Service using Java 11
Under "Deployment Center" linked with the Github repository that holds the code and jar file under /target
Under App service > Configuration > General Settings > Startup Command
java -jar /target/lead-processing-0.0.1-SNAPSHOT.jar
Logs
2021-05-05T22:25:23.730536337Z STARTUP_FILE=
2021-05-05T22:25:23.737427449Z STARTUP_COMMAND=java -jar /target/lead-processing-0.0.1-SNAPSHOT.jar
2021-05-05T22:25:23.738113651Z No STARTUP_FILE available.
2021-05-05T22:25:23.738719652Z Running STARTUP_COMMAND: java -jar /target/lead-processing-0.0.1-SNAPSHOT.jar
2021-05-05T22:25:24.003600232Z Finished running startup command 'java -jar /target/lead-processing-0.0.1-SNAPSHOT.jar'. Exiting with exit code 1.
2021-05-05T22:25:24.004755134Z Error: Unable to access jarfile /target/lead-processing-0.0.1-SNAPSHOT.jar
Are we missing anything?
The problem that app service cant find your jar file.
Unable to access jarfile /target/lead-processing-0.0.1-SNAPSHOT.jar
I think when you deployed from target then you jar is possible in root. Go to App Service Editor inside of your app and check location for your jar
Removing the "/" right before the target works for me
I am trying to run a Java application from the command line.
The format is as follows from the command line:
<executable name> <configuration file path and name> -classpath <list of jars including the path to the jar> <path to main method>
When I run this application, it starts fine and allows me to log into the application. But when I submit my login credentials, I receive a 'Class not found' error. My colleague can has the same jars on his computer and when he logs in it works fine.
We are using the same login credentials.
The jars are the same, so the class not found cannot be in those jars. When it tries to authenticate, it uses a web service on a server. So, I cannot determine where to look to see what class I am missing.
Does anyone have any ideas as to where I should be looking?
I'm new to Tomcat, Fuseki and the Shiro.ini file, so forgive me for asking silly questions.
System:
MacMini ==> OS.X 10.13 (acts as dev-server)
Java ==> 8
Tomcat ==> 9.0.10
Workflow:
Via a Plist file, the Tomcat instance gets started on each boot of the server.
in /Users/username/tomcat/webapps I've put the fuseki.war file which got extracted successfully.
I inserted a custom made RDF-file, which gets loaded after reboots and served
(this is where the good things end)
Problem:
I can access the RDF file through: http://localhost:8080/fuseki, I can perform SPARQL-queries and everything else I need to get done. However, when connecting the dev-server to a PC and accessing it through it's IP: e.g.http://192.168.0.112:8080/fuseki; I end up seeing the server which has a green status, and the entire web-interface works except for the datasets. When I go to http://192.168.0.112:8080/fuseki/dataset and press 'query' (or any other button) it displays: "Please select a database"
**Cause:
I found this thread fuseki webinterface does not show datasets (SO), which lead me to investigate the shiro.ini file. As it turns out I don't have one.
I then searched for shiro.ini and found a reference in /Users/username/tomcat/webapps/fuseki/WEB-INF/web.xml:
<context-param>
<param-name>shiroConfigLocations</param-name>
<!-- Try a path in: FUSEKI_BASE, FUSEKI_HOME, war resource
If a "file:" then look there and there only.
-->
<param-value>shiro.ini</param-value>
</context-param>
This made me think that I'd need to put the shiro.ini file in my root folder (Users/username/tomcat/webapps/fuseki/shiro.ini) and not in (Users/username/tomcat/webapps/fuseki/run/shiro.ini). However neither work.
I also looked in a logfile: catalina.out, based from that it seems that the shiro.ini file gets loaded (or at least there are no indiciations that there's an error with it.)
Here's the relevant extract from that log:
[2018-07-31 09:18:54] Config INFO FUSEKI_HOME=unset
[2018-07-31 09:18:54] Config INFO FUSEKI_BASE=/etc/fuseki
[2018-07-31 09:18:54] Config INFO Shiro file: file:///etc/fuseki/shiro.ini
[2018-07-31 09:18:55] Config INFO Context path = /fuseki
[2018-07-31 09:18:55] Config INFO Configuration file: /etc/fuseki/config.ttl
I can't find however any folder etc/fuseki/? So what's up with this to start with?
Here is the shiro.ini file:
[users]
admin=passXXX #non-default
[main]
#localhost=org.apache.jena.fuseki.authz.LocalhostFilter
[roles]
[urls]
##control open to anyone
/$/status = anon
/$/ping = anon
##rest restricted to Localhost
## see above for localhost
#/$/** = localhost
/**=anon
I'm not sure what's going on at this point, so any pointers are more than welcome.
Turns out the issue had more to do with my unfamiliarity with the MAC OS, than with Tomcat or Fuseki.
The folder /etc/fuseki which was referenced in the catalina.out file is tightly locked and it's actual path is /private/etc/fuseki (though this doesn't seem to matter)
By default you can't enter the fuseki folder due to no rights at all. Even doing:
sudo cd /private/etc/fuseki
or
sudo cd /etc/fuseki
won't work. I needed to give myself read/write access to the folder via getinfo (though I think you could achieve this as well via chown.
Now I could view that folder's content, yet all files and folders in there had the same issue and required the same solution. So now I could customize the shiro.ini and configuration/rdf.ttl file.
If I do
sudo cd /private/etc/fuseki
or
sudo cd /etc/fuseki
now, then I can successfully view the content.
My java app runs fine stand-alone. But when I run it as a Java Web Start app, it starts up but fails when I click a certain button. I couldn't figure out how to debug it so thought I'd add logging. That caused permission denied error and wouldn't even start up.
To try and solve that problem, I added
permission java.util.logging.LoggingPermission "control"
to the C:\Program Files\Java\jre1.8.0-171\lib\security\java.policy file and the C:\Program Files\Java\jdk1.8.0-171\jre\lib\security\java.policy file. Restarted the Apache HttpServer and tried again. Same result.
Next I added the following line to the same two files:
permission java.security.AllPermission;
Same result.
Next I self-signed the jar file. Same result.
Next I added
<security><all-permissions/></security>
to the dynamically generated .jnlp file. This time I got a new message:
"unsigned application requesting unrestricted access to system"
A jarsigner verify confirms the jar file has been signed:
jarsigner -verify myjarfile.jar
jar verified.
I don't know what else to try. Suggestions?
First of all, there needed to be a ";" after "control". I don't know if that would have fixed the problem in itself but I found a parsing error for it in the log file. Meanwhile, I had changed all my "logger" commands back to System.out.println commands.
Next I checked "Enable tracing" and "Enable logging" in the Advanced tab of the Java Control Panel.
Then, in a DOS shell, I navigated to the location of myjnlp.jnlp file and entered the following commands:
set JAVAWS_TRACE_NATIVE=1
set JAVA_TOOL_OPTIONS=-Xdebug -Xnoagent -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=8000
javaws myjnlp.jnlp
That caused log files to be created in the home directory at C:\Users\Greg\AppData\LocalLow\Sun\Java\Deployment\log
where I could then see what was going on.
Unfortunately a new problem. See code below:
File source = new File(localFilename);
File dest = new File("C:/E360/CadIntegration/" +localFilename);
try {
Files.copy(source.toPath(),dest.toPath());
msg = "Because IP was blank, file was copied to C:/E360/CadIntegration";
} catch (IOException ex) {
msg = "problem copying " +source.toPath() +" to " +dest.toPath();
System.out.println("uploadCadChanges: " +msg +", IOException is "+ex.getMessage());
}
If I run the app using javaws, it works perfectly, the file is copied over successfully. But if I run it from the web page it fails with the IOException and ex.getMessage() just says "CadChanges.txt". Real helpful.
I found the reason. When run from a web page, the current working directory is changed to current dir = C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99 but when run from javaws, it isn't. The solution was to pass the current directory to the .jnlp file via an argument tag and have the app change the cwd to it.